Let’s Encrypt

For quite some time now I’ve been contributing code to
Let’s Encrypt and more specifically
Certbot. For those of you who never heard of it -
Let’s Encrypt is an automated CA that securely validates domain ownership and
offers FREE certificates.

The nvhost GPU driver for the Tegra kernel contains a heap overflow in the
NVHOST_IOCTL_CTRLL_MODULE_REGRDWRioctl command. The bug results from an
integer overflow that makes the kernel allocate a small heap buffer, and
eventually overruns it with an attacker controllable payload. The current
SELinuxsepolicy allows any untrusted_app to trigger it.

We wanted to exploit CVE-2014-3100 - a stack based buffer overflow in Android’s Keystore.
We needed to bypass the stack canary.
Long story short, we devised probablistic attacks that enables an attacker to
predict random bytes that are extracted from the
underlying entropy pool of /dev/urandom during device boot, such as Keystore’s canary value.

Latex with Katex

Blockquotes are written like so

The individual has always had to struggle to keep from being overwhelmed by
the tribe. If you try it, you will be lonely often, and sometimes frightened.
But no price is too high to pay for the privilege of owning yourself.